diff --git a/README.md b/README.md
index f11d801..47df897 100644
--- a/README.md
+++ b/README.md
@@ -18,13 +18,13 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
Federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser, using WebTorrent.
-**Shipped version:** 4.3.1~ynh2
+**Shipped version:** 5.0.1~ynh1
**Demo:** http://peertube.cpy.re
## Screenshots
-
+
## Disclaimers / important information
diff --git a/README_fr.md b/README_fr.md
index fd726b6..645a3a4 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -18,13 +18,13 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
Plateforme de streaming vidéo fédérée (ActivityPub) utilisant P2P (BitTorrent) directement dans le navigateur Web, en utilisant WebTorrent
-**Version incluse :** 4.3.1~ynh2
+**Version incluse :** 5.0.1~ynh1
**Démo :** http://peertube.cpy.re
## Captures d'écran
-
+
## Avertissements / informations importantes
diff --git a/conf/app.src b/conf/app.src
index af3ad80..bacbed2 100644
--- a/conf/app.src
+++ b/conf/app.src
@@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v4.3.1/peertube-v4.3.1.tar.xz
-SOURCE_SUM=345a5675943b379022ee6884b61e1aa51bfbbc01e2d818a785ced0c8b350011b
+SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v5.0.1/peertube-v5.0.1.tar.xz
+SOURCE_SUM=f43d36fb73b87dc1e6f86fc4d5039aba9f4619c5fff6d64669a900989bed80e2
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.xz
SOURCE_IN_SUBDIR=true
diff --git a/conf/nginx.conf b/conf/nginx.conf
index 6581403..f8345c1 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -78,6 +78,11 @@ location /tracker/socket {
try_files /dev/null @api_websocket;
}
+# Plugin websocket routes
+location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ {
+ try_files /dev/null @api_websocket;
+}
+
##
# Performance optimizations
# For extra performance please refer to https://github.com/denji/nginx-tuning
@@ -154,6 +159,18 @@ location ~ ^/static/(thumbnails|avatars)/ {
try_files $uri @api;
}
+location ~ ^(/static/(webseed|streaming-playlists)/private/)|^/download {
+ # We can't rate limit a try_files directive, so we need to duplicate @api
+
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_limit_rate 5M;
+
+ proxy_pass http://127.0.0.1:__PORT__;
+}
+
# Bypass PeerTube for performance reasons. Optional.
location ~ ^/static/(webseed|redundancy|streaming-playlists)/ {
limit_rate_after 5M;
@@ -167,9 +184,9 @@ location ~ ^/static/(webseed|redundancy|streaming-playlists)/ {
}
# Use this line with nginx >= 1.17.0
- # limit_rate $peertube_limit_rate;
+ limit_rate $peertube_limit_rate;
# Or this line if your nginx < 1.17.0
- set $limit_rate $peertube_limit_rate;
+ # set $limit_rate $peertube_limit_rate;
if ($request_method = 'OPTIONS') {
more_set_headers "Access-Control-Allow-Origin : *";
diff --git a/conf/production.yaml b/conf/production.yaml
index 41614b7..28731b5 100644
--- a/conf/production.yaml
+++ b/conf/production.yaml
@@ -8,6 +8,12 @@ webserver:
hostname: '__DOMAIN__'
port: 443
+# Secrets you need to generate the first time you run PeerTube
+secrets:
+ # Generate one using `openssl rand -hex 32`
+ peertube: '__SECRETS_PEERTUBE__'
+
+
rates_limit:
api:
# 50 attempts in 10 seconds
@@ -120,6 +126,7 @@ storage:
captions: '__DATADIR__/captions/'
cache: '__DATADIR__/cache/'
plugins: '__DATADIR__/plugins/'
+ well_known: '__DATADIR__/well-known/'
# Overridable client files in client/dist/assets/images:
# - logo.svg
# - favicon.png
@@ -132,6 +139,10 @@ storage:
# If not, peertube will fallback to the default file
client_overrides: '__DATADIR__/client-overrides/'
+static_files:
+ # Require and check user authentication when accessing private files (internal/private video files)
+ private_files_require_auth: true
+
object_storage:
enabled: false
@@ -140,8 +151,19 @@ object_storage:
region: 'us-east-1'
- # Set this ACL on each uploaded object
- upload_acl: 'public-read'
+ upload_acl:
+ # Set this ACL on each uploaded object of public/unlisted videos
+ public: 'public-read'
+ # Set this ACL on each uploaded object of private/internal videos
+ # PeerTube can proxify requests to private objects so your users can access them
+ private: 'private'
+
+ proxy:
+ # If private files (private/internal video files) have a private ACL, users can't access directly the ressource
+ # PeerTube can proxify requests between your object storage service and your users
+ # If you disable PeerTube proxy, ensure you use your own proxy that is able to access the private files
+ # Or you can also set a public ACL for private files in object storage if you don't want to use a proxy
+ proxify_private_files: true
credentials:
# You can also use AWS_ACCESS_KEY_ID env variable
@@ -186,13 +208,15 @@ log:
# Accept warn/error logs coming from the client
accept_client_log: true
-# Highly experimental support of Open Telemetry
+# Support of Open Telemetry metrics and tracing
+# For more information: https://docs.joinpeertube.org/maintain-observability
open_telemetry:
metrics:
enabled: false
# Create a prometheus exporter server on this port so prometheus server can scrape PeerTube metrics
prometheus_exporter:
+ hostname: '127.0.0.1'
port: 9091
tracing:
@@ -567,6 +591,9 @@ import:
# Number of latest published videos to check and to potentially import when syncing a channel
videos_limit_per_synchronization: 10
+ # Max number of videos to import when the user asks for full sync
+ full_sync_videos_limit: 1000
+
auto_blacklist:
# New videos automatically blacklisted so moderators can review before publishing
videos:
@@ -648,7 +675,8 @@ instance:
robots: |
User-agent: *
Disallow:
- # Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string
+ # /.well-known/security.txt rules. This endpoint is cached, so you may have to wait a few hours before viewing your changes
+ # To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string
securitytxt:
'# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:'
@@ -713,9 +741,9 @@ search:
# You should deploy your own with https://framagit.org/framasoft/peertube/search-index,
# and can use https://search.joinpeertube.org/ for tests, but keep in mind the latter is an unmoderated search index
url: ''
- # You can disable local search, so users only use the search index
+ # You can disable local search in the client, so users only use the search index
disable_local_search: false
- # If you did not disable local search, you can decide to use the search index by default
+ # If you did not disable local search in the client, you can decide to use the search index by default
is_default_search: false
# PeerTube client/interface configuration
diff --git a/doc/screenshots/screenshot1.jpg b/doc/screenshots/screenshot1.jpg
new file mode 100644
index 0000000..c849ff3
Binary files /dev/null and b/doc/screenshots/screenshot1.jpg differ
diff --git a/doc/screenshots/screenshot1.png b/doc/screenshots/screenshot1.png
deleted file mode 100644
index a7424ad..0000000
Binary files a/doc/screenshots/screenshot1.png and /dev/null differ
diff --git a/manifest.json b/manifest.json
index 5f64bb4..701bafc 100644
--- a/manifest.json
+++ b/manifest.json
@@ -6,7 +6,7 @@
"en": "Video streaming platform using P2P directly in the web browser, connected to a federated network",
"fr": "Plateforme de diffusion vidéo par P2P directement dans le navigateur, et connectée à un réseau fédéralisé"
},
- "version": "4.3.1~ynh2",
+ "version": "5.0.1~ynh1",
"url": "https://github.com/Chocobozzz/PeerTube",
"upstream": {
"license": "AGPL-3.0-only",
diff --git a/scripts/install b/scripts/install
index 91ffa96..5c644ee 100644
--- a/scripts/install
+++ b/scripts/install
@@ -35,6 +35,7 @@ app=$YNH_APP_INSTANCE_NAME
admin_mail=$(ynh_user_get_info --username=$admin --key="mail")
admin_pass=$(ynh_string_random --length=24)
+secrets_peertube=$(ynh_string_random --length=24)
# Define app's data directory
datadir="/home/yunohost.app/${app}/storage"
@@ -57,6 +58,7 @@ ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=admin --value=$admin
+ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube
#=================================================
# STANDARD MODIFICATIONS
diff --git a/scripts/upgrade b/scripts/upgrade
index e1bf407..1e34cf9 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -30,6 +30,7 @@ db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
admin_mail=$(ynh_user_get_info --username=$admin --key="mail")
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
+secrets_peertube=$(ynh_app_setting_get --app=$app --key=secrets_peertube)
#=================================================
# CHECK VERSION
@@ -205,6 +206,16 @@ chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
+#=================================================
+# Generate secrets if they don't exist
+#=================================================
+
+if [ -z "$secrets_peertube" ]; then
+ ynh_print_info --message="Generating and storing PeerTube secrets..."
+ secrets_peertube=$(ynh_string_random --length=24)
+ ynh_app_setting_set --app=$app --key=secrets_peertube --value=$secrets_peertube
+fi
+
#=================================================
# BUILD YARN DEPENDENCIES
#=================================================
@@ -285,6 +296,7 @@ if ynh_compare_current_package_version --comparison lt --version 4.2.0~ynh1; the
popd
fi
+
#=================================================
# STOP SYSTEMD SERVICE
#=================================================